1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Repeatedly Getting Kicked Off Line!!

Discussion in 'Earlier Versions of Windows' started by lucyscap, Jan 11, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. lucyscap

    lucyscap Thread Starter

    Joined:
    Jan 19, 2004
    Messages:
    119
    Hi to my favorite tech guys:
    I have to type really fast b4 I get kicked off again! Have AOL(I know, I know) stay on only 2 min or so---some weird stuff popping up too. Ran virus scan & adaware--both OK.
    Can someone look at this hijack lkog?? Thanks!!
    Logfile of HijackThis v1.97.7
    Scan saved at 11:01:37 PM, on 1/11/06
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\SA3DSRV.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\COMPAQ\INTERNET\WATCHDOG.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\STUTFIX.EXE
    C:\WINDOWS\SYSTEM\ATICWD32.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGWB.DAT
    C:\AMERICA ONLINE 6.0B\WAOL.EXE
    C:\WINDOWS\TEMP\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c98&s=search&i=enu
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c98&s=search&i=enu
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c98&s=search&i=enu
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Watch Dog Program] C:\COMPAQ\INTERNET\WATCHDOG.EXE
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Compaq Internet Setup] C:\Compaq\Internet\InetWizard.exe /RUN
    O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe /NORESTART
    O4 - HKLM\..\Run: [idriveServer] C:\Program Files\idrive\idriveProxy.exe
    O4 - HKLM\..\Run: [Essdc] essdc.exe
    O4 - HKLM\..\Run: [CPQSTUTFIX] C:\Windows\stutfix.exe
    O4 - HKLM\..\Run: [Aureal A3D Interactive Audio Init] A3dInit.exe
    O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
    O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\RunServices: [Aureal A3D Interactive Audio] sa3dsrv.exe
    O8 - Extra context menu item: Clip Page to i-drive - C:\Program Files\idrive\scrapbook.htm
    O8 - Extra context menu item: Bookmark to i-drive - C:\Program Files\idrive\bookmark.htm
    O8 - Extra context menu item: Logoff i-drive - C:\Program Files\idrive\logoff.htm
    O8 - Extra context menu item: Filo™ Properties... - C:\Program Files\idrive\properties.htm
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: AIM (HKLM)
    O12 - Plugin for .mol: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
    O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O12 - Plugin for .scr: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {DA28C54E-D95C-11D3-9A01-005004677EF4} (McAfee.com Component Download Manager Class) - http://download.mcafee.com/molbin/clinic/CDM/McCDM.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38006.7775
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
    O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab
    O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/bingame/rtlw/default/ReflexiveWebGameLoader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/shpo/default/shapo.cab
    O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/bingame/pacz/default/pandaonline.cab
     
  2. sammysosa

    sammysosa

    Joined:
    Nov 25, 2005
    Messages:
    437
    There are some other system problems to be dealt with first:

    First of all, you're using an OLD version of Hijack This, which you've installed in the Windows\Temp folder, both of which are problems that need fixing; you'll have to download and install the latest version of HJT. If you use the link I'll provide to download from, HJT will automatically install into the Program Files folder, which is a better choice. One reason NOT to install HJT in a TEMP folder is because TEMP folders occasionally get deleted, which will not help you at all. Even worse, your old version of HJT is outdated, so installing the newest version will allow HJT to find the newest problems that could be hiding on your system.

    Please follow these instructions on where to download HJT from, and where to install it. Open the Control Panel > Add / Remove Programs, and uninstall your old version of HJT. Then, download and run the NEW version according to the instructions below, and post the new log here.

    I'm pasting instructions for you here from a previous post, which will save me some typing:

    First, download the latest version of HJTsetup.exe from this link:

    http://www.thespykiller.co.uk/files/HJTsetup.exe

    * Save HJTsetup.exe to your desktop.

    * CLOSE ALL OPEN PROGRAMS; you can keep your browser open to these instructions, but it would be better if you printed the instructions, or copy-and-pasted them into Notepad, then closed the browser.

    * Double-click on the HJTsetup.exe icon on your desktop.

    * By default, it will install HJT to C:\Program Files\Hijack This.

    * Continue to click Next in the setup dialog boxes until you get to the "Select Additional Tasks" dialog.

    * Put a checkmark by "Create a desktop icon", then click the "Next" button.

    * Continue to follow the rest of the prompts from there.

    * At the final dialog box click on "Finish"; that will start the Hijack This program.

    * Click on the "Do a system scan and save a log file" button. HJT will scan your system and then ask you to save the log.

    * Click "Save" to save the log file, then the log will open in Notepad.

    * Click on "Edit > Select All", then click on "Edit > Copy" to copy the entire contents of the log.

    * Come back to this thread and paste the log in your next reply.

    * DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless, or even required.

    Once you've posted your HJT log, we'll advise you on what to do next.

    Keep in mind that the link I've provided will give you the NEWEST version of HJT, so please take a minute to download the file (HJT is small enough to fit on a single floppy disk five or six times), so the download should only take a few seconds over broadband, and less than a minute with dialup...
     
  3. lucyscap

    lucyscap Thread Starter

    Joined:
    Jan 19, 2004
    Messages:
    119
    Thanks Sammy~new log below:
    Logfile of HijackThis v1.99.1
    Scan saved at 1:39:29 PM, on 1/12/06
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\SA3DSRV.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\STUTFIX.EXE
    C:\WINDOWS\SYSTEM\ATICWD32.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c98&s=search&i=enu
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c98&s=search&i=enu
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c98&s=search&i=enu
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Watch Dog Program] C:\COMPAQ\INTERNET\WATCHDOG.EXE
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Compaq Internet Setup] C:\Compaq\Internet\InetWizard.exe /RUN
    O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe /NORESTART
    O4 - HKLM\..\Run: [idriveServer] C:\Program Files\idrive\idriveProxy.exe
    O4 - HKLM\..\Run: [Essdc] essdc.exe
    O4 - HKLM\..\Run: [CPQSTUTFIX] C:\Windows\stutfix.exe
    O4 - HKLM\..\Run: [Aureal A3D Interactive Audio Init] A3dInit.exe
    O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
    O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\RunServices: [Aureal A3D Interactive Audio] sa3dsrv.exe
    O8 - Extra context menu item: Clip Page to i-drive - C:\Program Files\idrive\scrapbook.htm
    O8 - Extra context menu item: Bookmark to i-drive - C:\Program Files\idrive\bookmark.htm
    O8 - Extra context menu item: Logoff i-drive - C:\Program Files\idrive\logoff.htm
    O8 - Extra context menu item: Filo™ Properties... - C:\Program Files\idrive\properties.htm
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\AIM\AIM.EXE
    O12 - Plugin for .mol: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
    O12 - Plugin for .pdb: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O12 - Plugin for .scr: C:\PROGRA~1\INTERN~1\PLUGINS\NPCHIME.DLL
    O16 - DPF: {DA28C54E-D95C-11D3-9A01-005004677EF4} (McAfee.com Component Download Manager Class) - http://download.mcafee.com/molbin/clinic/CDM/McCDM.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,16/mcgdmgr.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
    O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab
    O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://zone.msn.com/bingame/rtlw/default/ReflexiveWebGameLoader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/shpo/default/shapo.cab
    O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://zone.msn.com/bingame/pacz/default/pandaonline.cab
     
  4. lucyscap

    lucyscap Thread Starter

    Joined:
    Jan 19, 2004
    Messages:
    119
    P.S. In perusing the log above I noticed some McAfee stuff----I no longer have their anti virus program---why is it appearing??
     
  5. sammysosa

    sammysosa

    Joined:
    Nov 25, 2005
    Messages:
    437
    To be honest, nothing jumped out at me as being suspicious. Those old McAfee entries are probably scraps left behind after you uninstalled it, but it will be easy to clean them later. For now, I'm going to ask you to read through another thread, which might help you with general information:

    http://forums.techguy.org/security/...n-how-tighten-security-settings-warnings.html

    Within that thread, you'll find the link to Spybot Search & Destroy, which you should download and run. Set the option to use TeaTimer as instructed, then let us know what Spybot finds on your system...
     
  6. lucyscap

    lucyscap Thread Starter

    Joined:
    Jan 19, 2004
    Messages:
    119
    Installed & ran Spybot~no immediate threats found....
    Just wanrted to mention---have not been kicked off at all today.
    But yesterday--when typing in an email address the first part of the prefix stayed same "Colin" --but another last name appeared with the suffix -> .ru
    Anything to worry about---or something going on with AOL?
     
  7. sammysosa

    sammysosa

    Joined:
    Nov 25, 2005
    Messages:
    437
    Well, the .RU indicates a RUSSIAN website, or e-mail address, or SOME connection to a Russian location. Since this is related to an e-mail address, the best advice I can give you is to check your e-mail address book for entries that end in .RU, and disable or delete them. If the deleted .RU entries reappear, you'll know something is rotten in Denmark (or elsewhere). I've never dealt with AOL e-mail, so I can't advise you further without knowing more, but I certainly do NOT want you to post any e-mail addresses in the forum.

    If you want to send me a PM with the suspicious e-mail addresses, I will do my best to investigate them for you, but I can't guarantee you I'll be able to find anything that will help you. OTOH, I'm pretty good at finding information, so I'll leave this decision up to you. You do NOT need to send me any OTHER e-mail addresses, just the ones you have concerns about. I'll try to post a reply to you within 24 hours; if need be, I'll send you the information in a PM, to maintain privacy. There is no reason for us to reveal e-mail addresses unless we find definitive proof of wrongdoing. If those e-mail addresses have already been published as being involved in illegal activities, I'll tell you that, and provide the links to the webpages which would prove that.

    This is your choice; I'll do my best to help you whatever you decide. Right now, I have to think your e-mail address book has some entries you don't want there. You can choose to delete them and see what happens next, or PM me with specifics and let me see if I track down more information for you.

    Good luck; let me know what you decide.
     
  8. lucyscap

    lucyscap Thread Starter

    Joined:
    Jan 19, 2004
    Messages:
    119
    Sammy_
    Funny, I never use my Address Book since it picked up a bad virus a few years back. I assumed it was empty. Just looked and there are a bunch of addresses I did not put there--although I am familiar with some of them. The aforementioned one is indeed in there and on second look it is actually from Romania .ro Tried to send you it in a PM but you have that feature turned off.
     
  9. sammysosa

    sammysosa

    Joined:
    Nov 25, 2005
    Messages:
    437
    I don't know why you can't send me a PM; I've got 114 of them so far, which leaves plenty of room in the Inbox.

    I know nothing about AOL e-mail, but you might want to consider setting up a free web-based e-mail account (G-Mail and Yahoo are undoubtedly the best), then clean out the AOL mailbox. Delete all of the suspicious addresses, and check every few days to see if any new ones appear. I'm concerned that COPIES of every e-mail you send through AOL are being sent to those other addresses, though I have no proof of that. You should be able to check the record of the mail you've SENT, to see if those .RO e-mail addresses are ALSO getting mail from you; you never know what is going on behind the scenes. If you find or even SUSPECT a problem, you should notify AOL right away, and change your AOL password. Keep in mind that other people might be seeing EVERYTHING you send through your AOL account, so as I've suggested, you might want to set up a free-mail account to handle your personal e-mail for a while.

    The AOL browser is actually Internet Explorer, which means it is JUNK. Both IE and AOL allow the use of ActiveX controls, which makes them vulnerable to attack. Firefox and the Mozilla Suite are IMMUNE to ActiveX controls, so you might want to make plans to dump AOL and sign up with a REAL ISP, one which DOESN'T have a policy to FORCE you to use Internet Explorer. If you want an example of how ActiveX controls work, consider this:

    When you decide to sign-off from using AOL, the system doesn't always disconnect immediately; that is because AOL is FORCING the line to stay open while they check to see which websites you've visited, which advertising you've seen recently, which (if any) advertisements you've CLICKED on, which terms you've searched for... the list is just about endless. THEN, they download MORE advertising for you to see the NEXT time you open the AOL browser, EVEN if you CAN'T get online for some reason. MANY people criticize AOL, for a thousand different reasons; I criticize them for ONE primary reason: the COMPLETE lack of privacy their subscribers/victims are subjected to (which includes my elderly mother!), and I HOPE you'll decide to find a new ISP.

    I'll check to see what is wrong with my PM Inbox settings, and I hope you'll try to send me those PMs again. I'll see if I can find any information about those .RO addresses...

    Good luck with this; I don't know if your AOL account has been compromised, but it doesn't look good...

    EDIT: Just checked my account settings; can't find any reason why you shouldn't be able to send me a PM. I received one earlier today without a problem... I have E-MAIL blocked, but PMs are available...
     
  10. lucyscap

    lucyscap Thread Starter

    Joined:
    Jan 19, 2004
    Messages:
    119
    Sammy:
    The message I get is that I have disabled PM's.
    However, I tried 3 timed to enable it and it isn't working.
    I don't know how else to get the info to you ;(
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/433369

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice